CVE-2023-36612

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jun 25, 2023

Updated: Jun 30, 2023

CWE ID 22

Summary

CVE-2023-36612 is a directory traversal vulnerability affecting the Basecamp com.basecamp.bc3 application for Android before version 4.2.1. An attacker can exploit this issue to write arbitrary files in the application's private directory. Moreover, by exploiting this vulnerability, an attacker may manipulate server responses, potentially redirecting them to unintended third-party applications, posing a risk for sensitive information leakage.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rxHLFp
https://www.cve.org/CVERecord?id=CVE-2023-36612
https://nvd.nist.gov/vuln/detail/CVE-2023-36612

Back to Vulnerability Database

CVE-2023-36612

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations